coronanyheder.site Open in urlscan Pro
185.199.111.153 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://coronanyheder.site/
Submission: On May 10 via automatic, source certstream-suspicious (May 10th 2020, 4:22:07 pm UTC)

Summary HTTP 59 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 19 domains to perform 59 HTTP transactions. The main IP is 185.199.111.153, located in United States and belongs to FASTLY, US. The main domain is coronanyheder.site.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 11th 2020. Valid for: 3 months.

This is the only time coronanyheder.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	185.199.111.153 185.199.111.153	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	151.101.12.193 151.101.12.193	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3035::6812:39c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.97.53 143.204.97.53	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:6c0... 2a02:26f0:6c00:189::3f46	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	91.214.22.65 91.214.22.65	50783 (JPPOL) (JPPOL)
1	2a02:26f0:6c0... 2a02:26f0:6c00:18d::f33	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:207... 2600:9000:2070:f400:e:e7fb:1dc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:85e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:817::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:821::2001	15169 (GOOGLE) (GOOGLE)
59	18

25 185.199.111.153 (United States)

ASN54113 (FASTLY, US)

coronanyheder.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6812:39c2 (United States)

ASN13335 (CLOUDFLARENET, US)

media.avisen.dk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.97.53 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-97-53.fra50.r.cloudfront.net

www.lokalavisen.dk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:189::3f46 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

asset.dr.dk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.214.22.65 (Copenhagen, Denmark)

ASN50783 (JPPOL, DK)
PTR: multimedia.ekstrabladet.dk

ekstrabladet.dk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:18d::f33 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

ichef.bbci.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2070:f400:e:e7fb:1dc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

media.borsen.dk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	coronanyheder.site coronanyheder.site	357 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	133 KB
5	gstatic.com fonts.gstatic.com	39 KB
5	googleapis.com fonts.googleapis.com maps.googleapis.com	120 KB
2	doubleclick.net googleads.g.doubleclick.net
2	dr.dk asset.dr.dk	115 KB
2	imgur.com i.imgur.com	67 KB
1	ytimg.com s.ytimg.com	25 KB
1	youtube.com www.youtube.com	1 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	894 B
1	google.de adservice.google.de	894 B
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	borsen.dk media.borsen.dk	87 KB
1	bbci.co.uk ichef.bbci.co.uk	251 KB
1	ekstrabladet.dk ekstrabladet.dk	32 KB
1	lokalavisen.dk www.lokalavisen.dk	31 KB
1	avisen.dk media.avisen.dk	63 KB
0	infolinks.com Failed resources.infolinks.com Failed
59	19

	Domain	Requested by
25	coronanyheder.site	coronanyheder.site pagead2.googlesyndication.com
5	fonts.gstatic.com	pagead2.googlesyndication.com
4	maps.googleapis.com	coronanyheder.site maps.googleapis.com
4	pagead2.googlesyndication.com	coronanyheder.site pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	asset.dr.dk	coronanyheder.site
2	i.imgur.com	coronanyheder.site
1	s.ytimg.com	www.youtube.com
1	www.youtube.com	coronanyheder.site
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	cdnjs.cloudflare.com	coronanyheder.site
1	media.borsen.dk	coronanyheder.site
1	ichef.bbci.co.uk	coronanyheder.site
1	ekstrabladet.dk	coronanyheder.site
1	www.lokalavisen.dk	coronanyheder.site
1	media.avisen.dk	coronanyheder.site
1	fonts.googleapis.com	coronanyheder.site
0	resources.infolinks.com Failed	coronanyheder.site
59	21

This site contains no links.

Subject Issuer	Validity	Valid
coronanyheder.site Let's Encrypt Authority X3	`2020-03-11` - `2020-06-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2020-01-15` - `2022-03-16`	2 years	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-09-18` - `2020-09-17`	a year	crt.sh
lokaltidningen.se Amazon	`2019-09-24` - `2020-10-24`	a year	crt.sh
*.dr.dk GlobalSign Organization Validation CA - SHA256 - G2	`2018-05-23` - `2020-08-25`	2 years	crt.sh
*.ekstrabladet.dk Sectigo RSA Domain Validation Secure Server CA	`2020-02-14` - `2022-05-18`	2 years	crt.sh
www.bbc.co.uk GlobalSign RSA OV SSL CA 2018	`2019-08-01` - `2020-11-07`	a year	crt.sh
*.borsen.dk GlobalSign RSA OV SSL CA 2018	`2020-01-28` - `2022-04-24`	2 years	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
*.google.de GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://coronanyheder.site/
Frame ID: 17AB9531952F6F9F8F7B00B986F68E10
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200506/r20190131/zrt_lookup.html
Frame ID: 0ECB6D840190B2EF481EC12FD6B4B41F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3203855426099307&output=html&adk=1812271804&adf=3025194257&lmt=1583955024&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fcoronanyheder.site%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1589127705495&bpp=19&bdt=70&idt=90&shv=r20200506&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=126313492134&frm=20&pv=2&ga_vid=779932347.1589127706&ga_sid=1589127706&ga_hid=932145982&ga_fc=0&iag=0&icsg=683&dssz=5&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C21065925%2C21066085%2C368226501%2C21060079%2C423550200&oid=3&pvsid=848067099741080&pem=602&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=216
Frame ID: 8FBF03C9FE1139848E8FC020EC614436
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: F373DD7E8D6A17990FAF8D202FBCA7C7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /^GitHub\.com$/i

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

script /\/\/maps\.googleapis\.com\/maps\/api\/js/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

headers server /^GitHub\.com$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

GitHub Pages (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^GitHub\.com$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i

Page Statistics

59
Requests

98 %
HTTPS

76 %
IPv6

19
Domains

21
Subdomains

18
IPs

4
Countries

1358 kB
Transfer

2728 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
coronanyheder.site/ 16 KB
4 KB 168ms
113ms Document
text/html 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://coronanyheder.site/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

7528afad602ec96de8132521f90e408ffd9a360192dc980da0c6baa1aa4ac659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

:method: GET
:authority: coronanyheder.site
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
server: GitHub.com
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31556952
last-modified: Wed, 11 Mar 2020 19:30:24 GMT
etag: W/"5e693c50-40e8"
access-control-allow-origin: *
expires: Sun, 10 May 2020 16:31:45 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 9F70:388F:2FD0D2:3C6F96:5EB82A18
accept-ranges: bytes
date: Sun, 10 May 2020 16:21:45 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-hhn4056-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1589127705.320059,VS0,VE92
vary: Accept-Encoding
x-fastly-request-id: 4959114c5d3418c692725ed144fe57b1c715a3e6
content-length: 3944

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 107 KB
39 KB 46ms
20ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: coronanyheder.site
URL: https://coronanyheder.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d3192855c28ef91d7831705ebafc85dffc3516e6888f1bb3159d05112f0232c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 10 May 2020 16:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 39147
x-xss-protection: 0
server: cafe
etag: 1761079482385545439
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 10 May 2020 16:21:45 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
800 B 21ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:100,200,400,300,500,600,700

Requested by

Host: coronanyheder.site
URL: https://coronanyheder.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f7ea5dbfb6da7507fe6fd4c943fb29b2161f95722e38b33045b71990301f30f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 10 May 2020 16:21:45 GMT
server: ESF
date: Sun, 10 May 2020 16:21:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 May 2020 16:21:45 GMT

GET
H2 200 linearicons.css
coronanyheder.site/css/ 8 KB
2 KB 135ms
129ms Stylesheet
text/css 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://coronanyheder.site/css/linearicons.css

Requested by

Host: coronanyheder.site
URL: https://coronanyheder.site/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

f0767561c44fc65c14649e3a39539525178803e8b75dd7ca036f5fd717623402

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: 03fcac6eb08622b8b409e0a2630161b9258e9e16
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"5e693c50-20aa"
age: 0
x-cache: MISS
status: 200
content-length: 1673
x-served-by: cache-hhn4056-HHN
access-control-allow-origin: *
last-modified: Wed, 11 Mar 2020 19:30:24 GMT
server: GitHub.com
x-github-request-id: 172E:74CA:B9F725:E6BAD1:5EB82A19
x-timer: S1589127705.443513,VS0,VE96
date: Sun, 10 May 2020 16:21:45 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Sun, 10 May 2020 16:31:45 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: 1
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 font-awesome.min.css
coronanyheder.site/css/ 30 KB
7 KB 122ms
117ms Stylesheet
text/css 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://coronanyheder.site/css/font-awesome.min.css

Requested by

Host: coronanyheder.site
URL: https://coronanyheder.site/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: 78f6dc21396dba14d4c2ee5ab00d31bc55f642d4
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"5e693c50-7918"
age: 0
x-cache: MISS
status: 200
content-length: 7102
x-served-by: cache-hhn4056-HHN
access-control-allow-origin: *
last-modified: Wed, 11 Mar 2020 19:30:24 GMT
server: GitHub.com
x-github-request-id: 21AA:29A9:5E4C80:765590:5EB82A19
x-timer: S1589127705.443503,VS0,VE94
date: Sun, 10 May 2020 16:21:45 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Sun, 10 May 2020 16:31:45 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: 1
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 bootstrap.css
coronanyheder.site/css/ 146 KB
21 KB 135ms
130ms Stylesheet
text/css 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://coronanyheder.site/css/bootstrap.css

Requested by

Host: coronanyheder.site
URL: https://coronanyheder.site/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

51fdb7aeef5cab390b19cb913327b0ded9601cd79b49b0837d0c4838d4c2b22b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: 66706c8c5a0aee1227c7e8d3797adf900f432c5f
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"5e693c50-2475c"
age: 0
x-cache: MISS
status: 200
content-length: 21212
x-served-by: cache-hhn4056-HHN
access-control-allow-origin: *
last-modified: Wed, 11 Mar 2020 19:30:24 GMT
server: GitHub.com
x-github-request-id: 758E:79E6:BB1F35:E7DCF2:5EB82A17
x-timer: S1589127705.443492,VS0,VE97
date: Sun, 10 May 2020 16:21:45 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Sun, 10 May 2020 16:31:45 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 magnific-popup.css
coronanyheder.site/css/ 7 KB
2 KB 392ms
387ms Stylesheet
text/css 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://coronanyheder.site/css/magnific-popup.css

Requested by

Host: coronanyheder.site
URL: https://coronanyheder.site/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: 972a3f01406c12acc3064f885a87f3926918a03e
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"5e693c50-1b27"
age: 0
x-cache: MISS
status: 200
content-length: 1834
x-served-by: cache-hhn4056-HHN
access-control-allow-origin: *
last-modified: Wed, 11 Mar 2020 19:30:24 GMT
server: GitHub.com
x-github-request-id: 7138:3BA1:602142:78108C:5EB82A19
x-timer: S1589127705.443490,VS0,VE364
date: Sun, 10 May 2020 16:21:45 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Sun, 10 May 2020 16:31:45 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: 1
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 nice-select.css
coronanyheder.site/css/ 4 KB
1 KB 120ms
115ms Stylesheet
text/css 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://coronanyheder.site/css/nice-select.css

Requested by

Host: coronanyheder.site
URL: https://coronanyheder.site/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

c13280e79f74109c5e3854822c0f0c972d0a57245c95b0b3762f9788bd918f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: a71c6d5ef74369c3f9110818c999b65efb91be9b
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"5e693c50-fa7"
age: 0
x-cache: MISS
status: 200
content-length: 1062
x-served-by: cache-hhn4056-HHN
access-control-allow-origin: *
last-modified: Wed, 11 Mar 2020 19:30:24 GMT
server: GitHub.com
x-github-request-id: 8024:1B37:C392F5:F1F799:5EB82A19
x-timer: S1589127705.444062,VS0,VE93
date: Sun, 10 May 2020 16:21:45 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Sun, 10 May 2020 16:31:45 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 animate.min.css
coronanyheder.site/css/ 52 KB
4 KB 151ms
146ms Stylesheet
text/css 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://coronanyheder.site/css/animate.min.css

Requested by

Host: coronanyheder.site
URL: https://coronanyheder.site/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: f1c099493682d754aa0a308fefb63d1b14180419
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"5e693c50-ce35"
age: 0
x-cache: MISS
status: 200
content-length: 4103
x-served-by: cache-hhn4056-HHN
access-control-allow-origin: *
last-modified: Wed, 11 Mar 2020 19:30:24 GMT
server: GitHub.com
x-github-request-id: 96FA:64E8:C40F94:F28ED9:5EB82A19
x-timer: S1589127705.444026,VS0,VE106
date: Sun, 10 May 2020 16:21:45 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Sun, 10 May 2020 16:31:45 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: 1
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 owl.carousel.css
coronanyheder.site/css/ 4 KB
1 KB 133ms
128ms Stylesheet
text/css 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://coronanyheder.site/css/owl.carousel.css

Requested by

Host: coronanyheder.site
URL: https://coronanyheder.site/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

7342aa28694e4ad5609e0b47a82f860d116a0231f81dea54437127015e82ca3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: 522f9a0e973efd68370b900e9da3fbb984acb3ca
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"5e693c50-1010"
age: 0
x-cache: MISS
status: 200
content-length: 1159
x-served-by: cache-hhn4056-HHN
access-control-allow-origin: *
last-modified: Wed, 11 Mar 2020 19:30:24 GMT
server: GitHub.com
x-github-request-id: B238:1B34:163809:1CD33B:5EB82A19
x-timer: S1589127705.443985,VS0,VE96
date: Sun, 10 May 2020 16:21:45 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Sun, 10 May 2020 16:31:45 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: 1
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 jquery-ui.css
coronanyheder.site/css/ 35 KB
8 KB 121ms
116ms Stylesheet
text/css 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://coronanyheder.site/css/jquery-ui.css

Requested by

Host: coronanyheder.site
URL: https://coronanyheder.site/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

0c4d3a0355367c316b970244620ae7e3b502a465f0e1c5803a7d8f68efe2c509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: 8f9395bf5d09404de039e513d5cc7558835da1b6
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"5e693c50-8c85"
age: 0
x-cache: MISS
status: 200
content-length: 8444
x-served-by: cache-hhn4056-HHN
access-control-allow-origin: *
last-modified: Wed, 11 Mar 2020 19:30:24 GMT
server: GitHub.com
x-github-request-id: B40A:7579:B8AF3B:E4D9A6:5EB82A19
x-timer: S1589127705.443977,VS0,VE94
date: Sun, 10 May 2020 16:21:45 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Sun, 10 May 2020 16:31:45 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: 1
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 main.css
coronanyheder.site/css/ 57 KB
9 KB 121ms
116ms Stylesheet
text/css 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://coronanyheder.site/css/main.css

Requested by

Host: coronanyheder.site
URL: https://coronanyheder.site/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

e12f32b6d2217a117f75f853d248dcf0feb08e59ed7cbb02f2aba747ac4d1df1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: 8d53628b44044060d76c8c0b5c19118a85d34f95
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"5e693c50-e2bd"
age: 0
x-cache: MISS
status: 200
content-length: 8766
x-served-by: cache-hhn4056-HHN
access-control-allow-origin: *
last-modified: Wed, 11 Mar 2020 19:30:24 GMT
server: GitHub.com
x-github-request-id: CE82:35D8:BD53BF:EA90C1:5EB82A19
x-timer: S1589127705.443967,VS0,VE94
date: Sun, 10 May 2020 16:21:45 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Sun, 10 May 2020 16:31:45 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 G9V2prs.png
i.imgur.com/ 22 KB
22 KB 63ms
20ms Image
image/png 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/G9V2prs.png
Requested by: Host: coronanyheder.site
URL: https://coronanyheder.site/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: a681b37378465a769391a427875205faf81769d67adc655b244cdbc13337b307

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 10 May 2020 16:21:45 GMT
age: 1713446
x-cache: HIT, HIT
status: 200
content-length: 22205
x-served-by: cache-bwi5145-BWI, cache-fra19146-FRA
last-modified: Wed, 11 Mar 2020 14:28:18 GMT
server: cat factory 1.0
x-timer: S1589127705.485718,VS0,VE1
etag: "fee00f00db7d1847ffb5d1bb17cd4966"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 deUI6As.png
i.imgur.com/ 45 KB
45 KB 75ms
32ms Image
image/png 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/deUI6As.png
Requested by: Host: coronanyheder.site
URL: https://coronanyheder.site/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 2b6ad86863671d848ca3fde5e968958403cabbb7221d0321c369ac4f2de06a2c

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 10 May 2020 16:21:45 GMT
age: 1111645
x-cache: HIT, HIT
status: 200
content-length: 45950
x-served-by: cache-bwi5121-BWI, cache-fra19146-FRA
last-modified: Wed, 11 Mar 2020 14:29:57 GMT
server: cat factory 1.0
x-timer: S1589127705.485665,VS0,VE2
etag: "76d039c1a30c229d923d8efebbda30cb"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 img.jpg
media.avisen.dk//image/13353887/30/ 63 KB
63 KB 328ms
303ms Image
image/jpeg 2606:4700:3035::6812:39c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.avisen.dk//image/13353887/30/img.jpg
Requested by: Host: coronanyheder.site
URL: https://coronanyheder.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:39c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4fbe36dbed61eb9af62c516ebea7a384da3dcdf7dd7b4c4fa905f1be5198540c

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 10 May 2020 16:21:45 GMT
cf-cache-status: MISS
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 64457
cf-request-id: 02a0fd8b73000016e69fa28200000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 5914febf1beb16e6-FRA
expires: Mon, 10 May 2021 16:21:45 GMT

GET
H2 200 Ritzau%20002
www.lokalavisen.dk/nyheder/fmriry-Ritzau-002/ALTERNATES/LANDSCAPE_640/ 30 KB
31 KB 558ms
365ms Image
image/jpeg 143.204.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lokalavisen.dk/nyheder/fmriry-Ritzau-002/ALTERNATES/LANDSCAPE_640/Ritzau%20002
Requested by: Host: coronanyheder.site
URL: https://coronanyheder.site/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.97.53 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-53.fra50.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: 27eb1c434c77d7a66d3e7d6272672663aaa5149bfa84ddb5a04bc9971105c53e

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 10 May 2020 16:21:45 GMT
via: 1.1 varnish-v4, 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
age: 0
x-cache: Miss from cloudfront
x-cache-host: pres1
status: 200
x-cache-backend: localhost0
content-length: 31216
x-ua: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; VOSA 1.0)
last-modified: Wed, 11 Mar 2020 09:45:16 GMT
server: Apache-Coyote/1.1
etag: "6dd8645785390276fc1d9acfc2dbd937"
vary: Accept-Encoding
x-varnish: 156749595
cache-control: max-age=604800, s-maxage=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: 0HO6gS_VcqEzmfebaL-h6SR7JL4yj2Km4KP3qQ_4GKIAN2zaulPV1Q==

GET
H2 200 /
asset.dr.dk/imagescaler/ 57 KB
57 KB 346ms
301ms Image
image/jpeg 2a02:26f0:6c00:189::3f46
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://asset.dr.dk/imagescaler/?protocol=https&server=www.dr.dk&file=%2Fimages%2Fother%2F2020%2F03%2F10%2F20200310212823579_1000.jpg&scaleAfter=crop&quality=70&w=720&h=405

Requested by

Host: coronanyheder.site
URL: https://coronanyheder.site/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:189::3f46 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

ce8283bb6ad5a1ab635819ef6ee5bde390dfb88a292314925b83fc3ac45f56ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 10 May 2020 16:21:45 GMT
server: Microsoft-IIS/10.0
fritz: 14
x-via: Imagescol10
status: 200
cache-control: public, max-age=24955
strict-transport-security: max-age=15768000
content-type: image/jpeg
content-length: 58125
expires: Sun, 10 May 2020 23:17:40 GMT

GET
H/1.1 200
OK desktop-20191023185348
ekstrabladet.dk/incoming/jam04j/7844702/IMAGE_ALTERNATES/relationBig/ 31 KB
32 KB 137ms
33ms Image
image/jpeg 91.214.22.65
JPPOL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ekstrabladet.dk/incoming/jam04j/7844702/IMAGE_ALTERNATES/relationBig/desktop-20191023185348
Requested by: Host: coronanyheder.site
URL: https://coronanyheder.site/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 91.214.22.65 Copenhagen, Denmark, ASN50783 (JPPOL, DK),
Reverse DNS: multimedia.ekstrabladet.dk
Software: /
Resource Hash: c785c99b001de90fd356d4fe1235acca86cc4aaba159991b46f083c544f395cb

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 06 May 2020 15:39:56 UTC
Via: 1.1 varnish (Varnish/6.0)
X-EB-Device: desktop
Age: 348108
X-Jobs: Looking for an interesting job? please visit ekstrabladet.dk/job
grace: none
X-Cache: HIT
X-Cache-Host: cerberus100
Connection: keep-alive
X-Backend: escenicengine33
Content-Length: 31899
Last-Modified: Wed, 23 Oct 2019 16:53:58 UTC
X-Trace: 2BDC048A9DB4D3D9206E29C46933E593201713227A000000000000000000
ETag: "6bb005d06ae42248b5556b1cb1c7b998"
X-Varnish: 515423953 258879819
Cache-Control: s-maxage=604800, max-age=31536000, public, post-check=31536000, pre-check=31536000
Accept-Ranges: bytes
Content-Type: image/jpeg;charset=UTF-8

GET
H2 200 _111219903_globalmapfinal_11mar_v2-nc.png
ichef.bbci.co.uk/news/976/cpsprodpb/790F/production/ 250 KB
251 KB 29ms
12ms Image
image/png 2a02:26f0:6c00:18d::f33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ichef.bbci.co.uk/news/976/cpsprodpb/790F/production/_111219903_globalmapfinal_11mar_v2-nc.png
Requested by: Host: coronanyheder.site
URL: https://coronanyheder.site/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:18d::f33 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c1218d5e6497198b6c36f59309a533e6685a0eca92d6a7dd20aecf2b36ba336

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: q9R81_jyehqKwPWP0APJWiAeVouJrXe0
etag: "fca4ad7fe761fd402dd18bc15ca2f9a2"
x-amz-request-id: 831E57E704EF3CC4
status: 200
content-length: 255681
x-amz-id-2: r4ET9KZsJ47aOZFkFX7Fca9KUSGWABNV6QugMWS2gxvQlMtFtIKzR4kB9DS8oUHFWYYA0ehevyM=
last-modified: Wed, 11 Mar 2020 11:37:17 GMT
server: AmazonS3
date: Sun, 10 May 2020 16:21:45 GMT
access-control-max-age: 300
access-control-allow-methods: HEAD,GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers: *
expires: Wed, 05 May 2021 00:10:51 GMT

GET
H2 200 /
asset.dr.dk/imagescaler/ 58 KB
58 KB 560ms
543ms Image
image/jpeg 2a02:26f0:6c00:189::3f46
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://asset.dr.dk/imagescaler/?protocol=https&server=www.dr.dk&file=%2Fimages%2Fother%2F2020%2F03%2F04%2F20200229-141411-l-1920x1280we.jpg&scaleAfter=crop&quality=70&w=720&h=480

Requested by

Host: coronanyheder.site
URL: https://coronanyheder.site/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:189::3f46 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

7405f08be410c5eae970fb0bab094d53256195d1715670997ac7dc80565daffd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 10 May 2020 16:21:46 GMT
server: Microsoft-IIS/10.0
fritz: 14
x-via: Imagescol10
status: 200
cache-control: public, max-age=25000
strict-transport-security: max-age=15768000
content-type: image/jpeg
content-length: 59074
expires: Sun, 10 May 2020 23:18:26 GMT

GET
H2 200 396350_16_9_large_65.jpg.jpg
media.borsen.dk/borsen-dk//nyheder/generelt/jd23sm-396350169large65jpg/alternates/LANDSCAPE_1024/ 86 KB
87 KB 208ms
41ms Image
image/jpeg 2600:9000:2070:f400:e:e7fb:1dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.borsen.dk/borsen-dk//nyheder/generelt/jd23sm-396350169large65jpg/alternates/LANDSCAPE_1024/396350_16_9_large_65.jpg.jpg
Requested by: Host: coronanyheder.site
URL: https://coronanyheder.site/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2070:f400:e:e7fb:1dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: de40ae3763aec50970c4eb099bae95aab8c20c84ee4573f2aaffca3b81faa908

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 01 May 2020 23:56:53 GMT
via: 1.1 9561715783a77e8d6af0f70efd63d289.cloudfront.net (CloudFront)
age: 750292
x-cache-status: MISS
x-cache: Hit from cloudfront
status: 200
content-length: 88188
x-request-id: f48420fa-d7ba-4516-8d1f-95faa878a187
last-modified: Tue, 25 Feb 2020 13:43:23 GMT
server: nginx
etag: "1588377413.401279-88188-1050482836"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public,max-age=2592000
x-amz-cf-pop: HAM50-C3
accept-ranges: bytes
x-amz-cf-id: 8NR_4Mdx285YCbaI5dD0ZIPnHmEfK2Ur7bmUN11B9xWf_5uw_AkB9Q==

GET
H2 200 jquery-2.2.4.min.js Show response
coronanyheder.site/js/vendor/ 84 KB
30 KB 142ms
137ms Script
application/javascript 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://coronanyheder.site/js/vendor/jquery-2.2.4.min.js

Requested by

Host: coronanyheder.site
URL: https://coronanyheder.site/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: e21e11e3198577f366bd79e8349fc55368e95e22
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"5e693c50-14e49"
age: 0
x-cache: MISS
status: 200
content-length: 30062
x-served-by: cache-hhn4056-HHN
access-control-allow-origin: *
last-modified: Wed, 11 Mar 2020 19:30:24 GMT
server: GitHub.com
x-github-request-id: 2E68:74CA:B9F725:E6BAA0:5EB82A17
x-timer: S1589127705.445084,VS0,VE98
date: Sun, 10 May 2020 16:21:45 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Sun, 10 May 2020 16:31:45 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: 1
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 19 KB
7 KB 34ms
14ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

Requested by

Host: coronanyheder.site
URL: https://coronanyheder.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://coronanyheder.site/
Origin: https://coronanyheder.site

Response headers

date: Sun, 10 May 2020 16:21:45 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 8064229
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02a0fd8b6b000063a76112a200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:25:14 GMT
server: cloudflare
etag: W/"5afd4a7a-4af4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5914febf197663a7-FRA
expires: Fri, 30 Apr 2021 16:21:45 GMT

GET
H2 200 bootstrap.min.js Show response
coronanyheder.site/js/vendor/ 48 KB
13 KB 150ms
145ms Script
application/javascript 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://coronanyheder.site/js/vendor/bootstrap.min.js

Requested by

Host: coronanyheder.site
URL: https://coronanyheder.site/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: 782a412704fcdb670d8e6a25e81ad1cffc63d867
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"5e693c50-bf30"
age: 0
x-cache: MISS
status: 200
content-length: 13216
x-served-by: cache-hhn4056-HHN
access-control-allow-origin: *
last-modified: Wed, 11 Mar 2020 19:30:24 GMT
server: GitHub.com
x-github-request-id: 5D6E:35D7:5FF5F5:77CC80:5EB82A17
x-timer: S1589127705.455513,VS0,VE95
date: Sun, 10 May 2020 16:21:45 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Sun, 10 May 2020 16:31:45 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: 1
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 114 KB
38 KB 29ms
24ms Script
text/javascript 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBhOdIF3Y9382fqJYt5I_sswSrEw5eihAA

Requested by

Host: coronanyheder.site
URL: https://coronanyheder.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

617ce56bd93bc7838a8a280e284f090aa879df3d0534026f0fac8a3bc6df5834

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 10 May 2020 16:21:45 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=11
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38300
x-xss-protection: 0
expires: Sun, 10 May 2020 16:51:45 GMT

GET
H2 200 easing.min.js Show response
coronanyheder.site/js/ 2 KB
910 B 150ms
145ms Script
application/javascript 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://coronanyheder.site/js/easing.min.js

Requested by

Host: coronanyheder.site
URL: https://coronanyheder.site/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: 7c0ad03b39f9e4950c6cf46cd4bdc2e67846469f
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"5e693c50-8fe"
age: 0
x-cache: MISS
status: 200
content-length: 767
x-served-by: cache-hhn4056-HHN
access-control-allow-origin: *
last-modified: Wed, 11 Mar 2020 19:30:24 GMT
server: GitHub.com
x-github-request-id: 9CFC:7579:B8AF3C:E4D99A:5EB82A18
x-timer: S1589127705.455501,VS0,VE93
date: Sun, 10 May 2020 16:21:45 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Sun, 10 May 2020 16:31:45 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: 1
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 hoverIntent.js Show response
coronanyheder.site/js/ 7 KB
3 KB 149ms
144ms Script
application/javascript 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://coronanyheder.site/js/hoverIntent.js

Requested by

Host: coronanyheder.site
URL: https://coronanyheder.site/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

7b3070fb9a342f6dd16891b9c6948b3327829243f4c525a3aca14f5b73924d62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: 71dd67e932990eb65fc57f4a565419bcbe726a05
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"5e693c50-1b08"
age: 0
x-cache: MISS
status: 200
content-length: 2359
x-served-by: cache-hhn4056-HHN
access-control-allow-origin: *
last-modified: Wed, 11 Mar 2020 19:30:24 GMT
server: GitHub.com
x-github-request-id: F714:4611:C39D01:F27E8E:5EB82A18
x-timer: S1589127705.455497,VS0,VE91
date: Sun, 10 May 2020 16:21:45 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Sun, 10 May 2020 16:31:45 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: 1
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 superfish.min.js Show response
coronanyheder.site/js/ 4 KB
2 KB 150ms
146ms Script
application/javascript 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://coronanyheder.site/js/superfish.min.js

Requested by

Host: coronanyheder.site
URL: https://coronanyheder.site/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

f31f14f173559d1bc035ffcec66bdcd19b6685f42a2853bf7eaabd1e4bd9aba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: a481f3c5d8b60058d43d1f017c6d5e75f3a51f3f
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"5e693c50-117a"
age: 0
x-cache: MISS
status: 200
content-length: 1885
x-served-by: cache-hhn4056-HHN
access-control-allow-origin: *
last-modified: Wed, 11 Mar 2020 19:30:24 GMT
server: GitHub.com
x-github-request-id: 71C4:6459:633510:7BBE23:5EB82A18
x-timer: S1589127705.455450,VS0,VE95
date: Sun, 10 May 2020 16:21:45 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Sun, 10 May 2020 16:31:45 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: 1
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 jquery.ajaxchimp.min.js Show response
coronanyheder.site/js/ 5 KB
2 KB 420ms
415ms Script
application/javascript 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://coronanyheder.site/js/jquery.ajaxchimp.min.js

Requested by

Host: coronanyheder.site
URL: https://coronanyheder.site/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

3c7c17459ec57867f6812625f1b95e2f878363ca728b92a5968d2fc8e60d9712

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: 455e66b8c008ac0b2c3d8c0849b290303ffc9eaf
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"5e693c50-12d4"
age: 0
x-cache: MISS
status: 200
content-length: 1197
x-served-by: cache-hhn4056-HHN
access-control-allow-origin: *
last-modified: Wed, 11 Mar 2020 19:30:24 GMT
server: GitHub.com
x-github-request-id: 7140:5056:16F847:1DCAA5:5EB82A19
x-timer: S1589127705.455446,VS0,VE383
date: Sun, 10 May 2020 16:21:45 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Sun, 10 May 2020 16:31:45 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: 1
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 jquery.magnific-popup.min.js Show response
coronanyheder.site/js/ 20 KB
7 KB 148ms
144ms Script
application/javascript 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://coronanyheder.site/js/jquery.magnific-popup.min.js

Requested by

Host: coronanyheder.site
URL: https://coronanyheder.site/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: 75cf64b0776546a3a2b51be5b0623398a6144a71
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"5e693c50-4ef8"
age: 0
x-cache: MISS
status: 200
content-length: 7363
x-served-by: cache-hhn4056-HHN
access-control-allow-origin: *
last-modified: Wed, 11 Mar 2020 19:30:24 GMT
server: GitHub.com
x-github-request-id: F654:044F:9E6C0:DB8EE:5EB82A12
x-timer: S1589127705.455442,VS0,VE91
date: Sun, 10 May 2020 16:21:45 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Sun, 10 May 2020 16:31:45 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: 1
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 mn-accordion.js Show response
coronanyheder.site/js/ 9 KB
2 KB 147ms
143ms Script
application/javascript 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://coronanyheder.site/js/mn-accordion.js

Requested by

Host: coronanyheder.site
URL: https://coronanyheder.site/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

a38a3f1ffc372c76c9807fee40ce63053766e7434ca5487ce4baf1ea13e31d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: a146bfe967ec90515404e6e60e736c62f969b07e
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"5e693c50-2361"
age: 0
x-cache: MISS
status: 200
content-length: 2101
x-served-by: cache-hhn4056-HHN
access-control-allow-origin: *
last-modified: Wed, 11 Mar 2020 19:30:24 GMT
server: GitHub.com
x-github-request-id: 9F70:388F:2FD0D5:3C6F97:5EB82A19
x-timer: S1589127705.455387,VS0,VE89
date: Sun, 10 May 2020 16:21:45 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Sun, 10 May 2020 16:31:45 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: 1
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 jquery-ui.js Show response
coronanyheder.site/js/ 509 KB
125 KB 154ms
150ms Script
application/javascript 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://coronanyheder.site/js/jquery-ui.js

Requested by

Host: coronanyheder.site
URL: https://coronanyheder.site/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: a6527aad83bd182466bf15a55eac02fce8859c31
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"5e693c50-7f20a"
age: 0
x-cache: MISS
status: 200
content-length: 127834
x-served-by: cache-hhn4056-HHN
access-control-allow-origin: *
last-modified: Wed, 11 Mar 2020 19:30:24 GMT
server: GitHub.com
x-github-request-id: 17B6:75EE:BE3B09:EC2F60:5EB82A19
x-timer: S1589127705.455427,VS0,VE106
date: Sun, 10 May 2020 16:21:45 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Sun, 10 May 2020 16:31:45 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: 1
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 jquery.nice-select.min.js Show response
coronanyheder.site/js/ 3 KB
1 KB 148ms
144ms Script
application/javascript 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://coronanyheder.site/js/jquery.nice-select.min.js

Requested by

Host: coronanyheder.site
URL: https://coronanyheder.site/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

66bdef0724e5306421bcc7e0910e41b5645228119ad9096ca4a6099e48d94e6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: f9881e75f0db20e10841545d2634ff6966a30c12
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"5e693c50-b7e"
age: 0
x-cache: MISS
status: 200
content-length: 1036
x-served-by: cache-hhn4056-HHN
access-control-allow-origin: *
last-modified: Wed, 11 Mar 2020 19:30:24 GMT
server: GitHub.com
x-github-request-id: 2B2C:0CF3:16C811:1D8CBC:5EB82A19
x-timer: S1589127705.455422,VS0,VE93
date: Sun, 10 May 2020 16:21:45 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Sun, 10 May 2020 16:31:45 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: 1
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 owl.carousel.min.js Show response
coronanyheder.site/js/ 39 KB
11 KB 148ms
144ms Script
application/javascript 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://coronanyheder.site/js/owl.carousel.min.js

Requested by

Host: coronanyheder.site
URL: https://coronanyheder.site/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: e52b1ff413edbc22f197bceb375ea2f86050b64f
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"5e693c50-9dd1"
age: 0
x-cache: MISS
status: 200
content-length: 10666
x-served-by: cache-hhn4056-HHN
access-control-allow-origin: *
last-modified: Wed, 11 Mar 2020 19:30:24 GMT
server: GitHub.com
x-github-request-id: 42E2:33F4:C04FE8:EE4A99:5EB82A19
x-timer: S1589127705.455340,VS0,VE93
date: Sun, 10 May 2020 16:21:45 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Sun, 10 May 2020 16:31:45 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: 1
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 mail-script.js Show response
coronanyheder.site/js/ 1 KB
636 B 149ms
146ms Script
application/javascript 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://coronanyheder.site/js/mail-script.js

Requested by

Host: coronanyheder.site
URL: https://coronanyheder.site/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

01f639fd4c4119503e72e2bf2eb9c8a5984f7c83c7683c82dd0350ee9f63b3fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: 3a5186c00b686201b0a1ddabd60c99176331d65c
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"5e693c50-4ce"
age: 0
x-cache: MISS
status: 200
content-length: 494
x-served-by: cache-hhn4056-HHN
access-control-allow-origin: *
last-modified: Wed, 11 Mar 2020 19:30:24 GMT
server: GitHub.com
x-github-request-id: EB78:79E6:BB1F36:E7DD36:5EB82A19
x-timer: S1589127705.455314,VS0,VE98
date: Sun, 10 May 2020 16:21:45 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Sun, 10 May 2020 16:31:45 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: 1
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 main.js Show response
coronanyheder.site/js/ 13 KB
3 KB 146ms
143ms Script
application/javascript 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://coronanyheder.site/js/main.js

Requested by

Host: coronanyheder.site
URL: https://coronanyheder.site/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

aed6be366b03fd008067b88b7075a967562f0f135e506735842235dee58af282

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: a485c028946811560b7b397d09a12fcc48ff965d
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"5e693c50-357c"
age: 0
x-cache: MISS
status: 200
content-length: 3119
x-served-by: cache-hhn4056-HHN
access-control-allow-origin: *
last-modified: Wed, 11 Mar 2020 19:30:24 GMT
server: GitHub.com
x-github-request-id: CE10:049D:5F4888:776074:5EB82A0F
x-timer: S1589127705.455238,VS0,VE89
date: Sun, 10 May 2020 16:21:45 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Sun, 10 May 2020 16:31:45 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: 1
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
894 B 34ms
15ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=coronanyheder.site

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 10 May 2020 16:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
894 B 37ms
16ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=coronanyheder.site

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 10 May 2020 16:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200506/r20190131/ 217 KB
82 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200506/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4008c399421c2f1282faf06b2631a925629c9fb9bdfa56b972bb8754d829be47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 10 May 2020 16:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 83827
x-xss-protection: 0
server: cafe
etag: 14851109439880523126
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 May 2020 16:21:45 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200506/r20190131/ Frame 0ECB 0
0 18ms
6ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200506/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200506/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://coronanyheder.site/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://coronanyheder.site/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 07 May 2020 02:45:36 GMT
expires: Thu, 21 May 2020 02:45:36 GMT
content-type: text/html; charset=UTF-8
etag: 4094386822458569044
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4444
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 308169
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200506/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Poppins:100,200,400,300,500,600,700
Origin: https://coronanyheder.site

Response headers

date: Thu, 23 Apr 2020 17:38:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:13 GMT
server: sffe
age: 1464170
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7836
x-xss-protection: 0
expires: Fri, 23 Apr 2021 17:38:55 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200506/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Poppins:100,200,400,300,500,600,700
Origin: https://coronanyheder.site

Response headers

date: Tue, 05 May 2020 23:12:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:04 GMT
server: sffe
age: 407331
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7968
x-xss-protection: 0
expires: Wed, 05 May 2021 23:12:54 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200506/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Poppins:100,200,400,300,500,600,700
Origin: https://coronanyheder.site

Response headers

date: Wed, 06 May 2020 05:20:10 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:29 GMT
server: sffe
age: 385295
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7924
x-xss-protection: 0
expires: Thu, 06 May 2021 05:20:10 GMT

GET
H2 200 Linearicons-Free.woff2
coronanyheder.site/fonts/ 21 KB
21 KB 116ms
115ms Font
font/woff2 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://coronanyheder.site/fonts/Linearicons-Free.woff2?w118d

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200506/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

296945e5922e764eef17b1b4a3ee3e60dc202b3c7f074150b62158915bf74e33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://coronanyheder.site/css/linearicons.css
Origin: https://coronanyheder.site

Response headers

x-fastly-request-id: 513e8788c50170935acd95391598d70305e3e7d4
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "5e693c50-5514"
age: 0
x-cache: MISS
status: 200
content-length: 21780
x-served-by: cache-hhn4056-HHN
last-modified: Wed, 11 Mar 2020 19:30:24 GMT
server: GitHub.com
x-github-request-id: 0DE8:7226:B6AC35:E2A98E:5EB82A19
x-timer: S1589127706.617792,VS0,VE93
date: Sun, 10 May 2020 16:21:45 GMT
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
expires: Sun, 10 May 2020 16:31:45 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: 1
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200506/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fe2aa289162af5650c4a5ad04948ed0872b83982060632f75b9dbd8520d2c8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Poppins:100,200,400,300,500,600,700
Origin: https://coronanyheder.site

Response headers

date: Thu, 16 Apr 2020 05:42:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:10 GMT
server: sffe
age: 2111951
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7988
x-xss-protection: 0
expires: Fri, 16 Apr 2021 05:42:34 GMT

GET
H2 200 fontawesome-webfont.woff2
coronanyheder.site/fonts/ 75 KB
76 KB 209ms
209ms Font
font/woff2 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://coronanyheder.site/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200506/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://coronanyheder.site/css/font-awesome.min.css
Origin: https://coronanyheder.site

Response headers

x-fastly-request-id: 726e0eeecce1701a571c4a1d15ffcbdc49ef4df1
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "5e693c50-12d68"
age: 0
x-cache: MISS
status: 200
content-length: 77160
x-served-by: cache-hhn4056-HHN
last-modified: Wed, 11 Mar 2020 19:30:24 GMT
server: GitHub.com
x-github-request-id: 0980:773F:C4308B:F3438C:5EB82A18
x-timer: S1589127706.620454,VS0,VE183
date: Sun, 10 May 2020 16:21:45 GMT
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
expires: Sun, 10 May 2020 16:31:45 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: 1
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200506/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e07f937be00bbef113152fa46b2b2d5df97f405b152881c96e1c5069d8f405d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Poppins:100,200,400,300,500,600,700
Origin: https://coronanyheder.site

Response headers

date: Sat, 11 Apr 2020 06:11:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:14 GMT
server: sffe
age: 2542204
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7960
x-xss-protection: 0
expires: Sun, 11 Apr 2021 06:11:41 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8FBF 0
0 37ms
36ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3203855426099307&output=html&adk=1812271804&adf=3025194257&lmt=1583955024&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fcoronanyheder.site%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1589127705495&bpp=19&bdt=70&idt=90&shv=r20200506&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=126313492134&frm=20&pv=2&ga_vid=779932347.1589127706&ga_sid=1589127706&ga_hid=932145982&ga_fc=0&iag=0&icsg=683&dssz=5&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C21065925%2C21066085%2C368226501%2C21060079%2C423550200&oid=3&pvsid=848067099741080&pem=602&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=216

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200506/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3203855426099307&output=html&adk=1812271804&adf=3025194257&lmt=1583955024&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fcoronanyheder.site%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1589127705495&bpp=19&bdt=70&idt=90&shv=r20200506&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=126313492134&frm=20&pv=2&ga_vid=779932347.1589127706&ga_sid=1589127706&ga_hid=932145982&ga_fc=0&iag=0&icsg=683&dssz=5&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C21065925%2C21066085%2C368226501%2C21060079%2C423550200&oid=3&pvsid=848067099741080&pem=602&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=216
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://coronanyheder.site/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://coronanyheder.site/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 10 May 2020 16:21:45 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 10-May-2020 16:36:45 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 10 May 2020 16:21:45 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200506/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bb5347fd356ae8863aeb2695b9f2125a42b90449cd729e3527456dd1f20897b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 10 May 2020 16:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1588975424504927"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27855
x-xss-protection: 0
expires: Sun, 10 May 2020 16:21:45 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 859 B
1 KB 44ms
21ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: coronanyheder.site
URL: https://coronanyheder.site/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

d548a9f91441aadb04287c2fca64b6da0a385c05c6e822978a6e2a79660cb1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 10 May 2020 16:21:45 GMT
x-content-type-options: nosniff
server: YouTube Frontend Proxy
content-type: application/javascript
status: 200
cache-control: no-cache
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Tue, 27 Apr 1971 19:44:06 GMT

GET infolinks_main.js
resources.infolinks.com/js/ 0
0

GET
H2 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vflcv97xo/ 68 KB
25 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vflcv97xo/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb7b1d2879140cf195c9413693e8b5deb87e3e350c9ab8b33989172a3de77d2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 21:50:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239456
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25540
x-xss-protection: 0
last-modified: Thu, 07 May 2020 18:54:52 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Fri, 15 May 2020 21:50:50 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 39ms
19ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200506&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200506/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6148e243a97595cb486c5603f34aaaeab6fdacd7a4146721791ab6f7e0a6ab0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 10 May 2020 16:21:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5502
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200506/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 10 May 2020 16:21:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5456
x-xss-protection: 0
expires: Sun, 10 May 2020 16:21:46 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame F373 0
0 6ms
6ms Document
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://coronanyheder.site/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://coronanyheder.site/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Sun, 10 May 2020 15:56:50 GMT
expires: Mon, 10 May 2021 15:56:50 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1496
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
123 B 39ms
38ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200506&jk=848067099741080&bg=!tLelt69YxQAFMqbgn4UCAAAAWFIAAAAUmQF6-bdG7szg0hu1URWZjSMLy3JdR2fpzFczANUy0FTdyWhET7W2OQVmPG91E-zHL1cQUTmBfF6GHRvJAkvugXFZibUvKHe0NpZNy2GJEsCM2eaqTTg5P0nKND_siVz886LLA7r_SVIR_hz4GflwfUkeT4KrS5dohQ3QqQDrHqTFaH70e7-pU79Ir3rAoFumxoXAyCnk5dxAU5FlwW5m1-4JT1bBzQJ1_DpFJsuuNzFGNZ_tlHy5I0hBvLVCFYEVMu6jZrrjcJJx8VCKPsIL_6nDsyF1MD0ii2JPe1ga-Y1arXJ0uZxtlHx9x_meP3IeVvhBm5VAjBpOZD8pUvhZyeL8m_lFIMPhvcQaa1So-q1fiMZXJcTSQEmoRLpOTgs9-UfgQHRYSXs7r1DfSfICWaekhAr0YEEe2oHsJTxjz8mffsGhieUTJdnrVseWOaR8QwxIh9P6iRoVPcL90YbvRDuvNu5YkkOVLWILYp4ofVowk1SzTeeNleadNyRY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 May 2020 16:21:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/40/12/ 77 KB
28 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/40/12/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBhOdIF3Y9382fqJYt5I_sswSrEw5eihAA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

577883ab78d528858b4661d48c37c13fef4d1a5d3ead50c068bdd7a0006b6a29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 06 May 2020 19:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 May 2020 00:16:31 GMT
server: sffe
age: 332852
vary: Accept-Encoding, Origin
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29052
x-xss-protection: 0
expires: Thu, 06 May 2021 19:54:18 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/40/12/ 144 KB
53 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/40/12/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBhOdIF3Y9382fqJYt5I_sswSrEw5eihAA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f6a9caa0a8dc7e1fe441797afed2828f72d394d008b780492b8bc00d7d31b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 06 May 2020 19:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 May 2020 00:16:31 GMT
server: sffe
age: 332852
vary: Accept-Encoding, Origin
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54116
x-xss-protection: 0
expires: Thu, 06 May 2021 19:54:18 GMT

GET
H2 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
144 B 20ms
20ms Script
text/javascript 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fcoronanyheder.site%2F&4sAIzaSyBhOdIF3Y9382fqJYt5I_sswSrEw5eihAA&callback=_xdc_._kt1ml7&key=AIzaSyBhOdIF3Y9382fqJYt5I_sswSrEw5eihAA&token=77366

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/40/12/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

950389b3d7656ce774cee047b5d12203f196e74723ee68f47761634a1d2d73bc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://coronanyheder.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 May 2020 16:21:50 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=6
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: resources.infolinks.com
URL: http://resources.infolinks.com/js/infolinks_main.js

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 09:25:28	Name: test_cookie Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556952

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
asset.dr.dk
cdnjs.cloudflare.com
coronanyheder.site
ekstrabladet.dk
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.imgur.com
ichef.bbci.co.uk
maps.googleapis.com
media.avisen.dk
media.borsen.dk
pagead2.googlesyndication.com
resources.infolinks.com
s.ytimg.com
tpc.googlesyndication.com
www.googletagservices.com
www.lokalavisen.dk
www.youtube.com
resources.infolinks.com
143.204.97.53
151.101.12.193
185.199.111.153
2600:9000:2070:f400:e:e7fb:1dc0:93a1
2606:4700:3035::6812:39c2
2606:4700::6810:85e5
2a00:1450:4001:801::2003
2a00:1450:4001:808::200a
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:817::200a
2a00:1450:4001:81b::200e
2a00:1450:4001:821::2001
2a00:1450:4001:821::2002
2a02:26f0:6c00:189::3f46
2a02:26f0:6c00:18d::f33
91.214.22.65
01f639fd4c4119503e72e2bf2eb9c8a5984f7c83c7683c82dd0350ee9f63b3fd
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a
0c4d3a0355367c316b970244620ae7e3b502a465f0e1c5803a7d8f68efe2c509
0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d
0fe2aa289162af5650c4a5ad04948ed0872b83982060632f75b9dbd8520d2c8b
27eb1c434c77d7a66d3e7d6272672663aaa5149bfa84ddb5a04bc9971105c53e
296945e5922e764eef17b1b4a3ee3e60dc202b3c7f074150b62158915bf74e33
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b6ad86863671d848ca3fde5e968958403cabbb7221d0321c369ac4f2de06a2c
3c7c17459ec57867f6812625f1b95e2f878363ca728b92a5968d2fc8e60d9712
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
4008c399421c2f1282faf06b2631a925629c9fb9bdfa56b972bb8754d829be47
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
4d3192855c28ef91d7831705ebafc85dffc3516e6888f1bb3159d05112f0232c
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
4fbe36dbed61eb9af62c516ebea7a384da3dcdf7dd7b4c4fa905f1be5198540c
51fdb7aeef5cab390b19cb913327b0ded9601cd79b49b0837d0c4838d4c2b22b
56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d
577883ab78d528858b4661d48c37c13fef4d1a5d3ead50c068bdd7a0006b6a29
5e07f937be00bbef113152fa46b2b2d5df97f405b152881c96e1c5069d8f405d
617ce56bd93bc7838a8a280e284f090aa879df3d0534026f0fac8a3bc6df5834
66bdef0724e5306421bcc7e0910e41b5645228119ad9096ca4a6099e48d94e6a
7342aa28694e4ad5609e0b47a82f860d116a0231f81dea54437127015e82ca3f
7405f08be410c5eae970fb0bab094d53256195d1715670997ac7dc80565daffd
7528afad602ec96de8132521f90e408ffd9a360192dc980da0c6baa1aa4ac659
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b3070fb9a342f6dd16891b9c6948b3327829243f4c525a3aca14f5b73924d62
7c1218d5e6497198b6c36f59309a533e6685a0eca92d6a7dd20aecf2b36ba336
83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91
8f6a9caa0a8dc7e1fe441797afed2828f72d394d008b780492b8bc00d7d31b0c
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
950389b3d7656ce774cee047b5d12203f196e74723ee68f47761634a1d2d73bc
9bb5347fd356ae8863aeb2695b9f2125a42b90449cd729e3527456dd1f20897b
a38a3f1ffc372c76c9807fee40ce63053766e7434ca5487ce4baf1ea13e31d3d
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a681b37378465a769391a427875205faf81769d67adc655b244cdbc13337b307
aed6be366b03fd008067b88b7075a967562f0f135e506735842235dee58af282
c13280e79f74109c5e3854822c0f0c972d0a57245c95b0b3762f9788bd918f8d
c785c99b001de90fd356d4fe1235acca86cc4aaba159991b46f083c544f395cb
cb7b1d2879140cf195c9413693e8b5deb87e3e350c9ab8b33989172a3de77d2b
ce8283bb6ad5a1ab635819ef6ee5bde390dfb88a292314925b83fc3ac45f56ed
d548a9f91441aadb04287c2fca64b6da0a385c05c6e822978a6e2a79660cb1c5
d6148e243a97595cb486c5603f34aaaeab6fdacd7a4146721791ab6f7e0a6ab0
de40ae3763aec50970c4eb099bae95aab8c20c84ee4573f2aaffca3b81faa908
e12f32b6d2217a117f75f853d248dcf0feb08e59ed7cbb02f2aba747ac4d1df1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
f0767561c44fc65c14649e3a39539525178803e8b75dd7ca036f5fd717623402
f31f14f173559d1bc035ffcec66bdcd19b6685f42a2853bf7eaabd1e4bd9aba0
f7ea5dbfb6da7507fe6fd4c943fb29b2161f95722e38b33045b71990301f30f5
fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388
fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46

coronanyheder.site Open in urlscan Pro 185.199.111.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

59 Requests

98 %HTTPS

76 %IPv6

19 Domains

21 Subdomains

18 IPs

4 Countries

1358 kBTransfer

2728 kBSize

1 Cookies

0 Outgoing links

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

coronanyheder.site Open in urlscan Pro
185.199.111.153 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

98 %
HTTPS

76 %
IPv6

19
Domains

21
Subdomains

18
IPs

4
Countries

1358 kB
Transfer

2728 kB
Size

1
Cookies

59 HTTP transactions
0 data transactions